package com.example.lirisheng.springbootfinalexperiment.security;


import com.example.lirisheng.springbootfinalexperiment.security.filter.AdminCaptcharFilter;
import com.example.lirisheng.springbootfinalexperiment.security.filter.WeiAuthenticaitonFilter;
import com.example.lirisheng.springbootfinalexperiment.security.provider.MyAuthenticationProvider;
import com.example.lirisheng.springbootfinalexperiment.security.provider.WeiAuthenticationProvider;
import com.example.lirisheng.springbootfinalexperiment.security.handler.*;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.ObjectPostProcessor;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.web.access.intercept.FilterSecurityInterceptor;
import org.springframework.security.web.authentication.LoginUrlAuthenticationEntryPoint;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;

import javax.sql.DataSource;

@Configuration
@EnableWebSecurity
public class AdminSecurityConfig  extends WebSecurityConfigurerAdapter  {
    static final Logger logger = LoggerFactory.getLogger(AdminSecurityConfig.class);

    @Autowired
    MyAccessDeniedHandler myAccessDeniedHandler;

    @Autowired
    MyAuthenticationEntryPoint myAuthenticationEntryPoint;

    @Autowired
    MyAuthenticationSuccessHandler myAuthenticationSuccessHandler;

    @Autowired
    MyAuthenticationFailureHandler myAuthenticationFailureHandler;

    @Autowired
    MyLogoutSuccessHandler myLogoutSuccessHandler;

    @Autowired
    WeiAuthenticationSuccessHandler weiAuthenticationSuccessHandler;

    @Autowired
    WeiAuthenticationFailureHandler weiAuthenticationFailureHandler;

    @Autowired
    MyAuthenticationProvider myAuthenticationProvider;

    @Autowired
    WeiAuthenticationProvider weiAuthenticationProvider;

    @Autowired
    AdminCaptcharFilter adminCaptcharFilter;

    @Autowired
    CustomDesicionManger customDesicionManger;

    @Autowired
    CustomFilterInvocationSecurityMetadataSource customFilterInvocationSecurityMetadataSource;


    @Override
    public void configure(WebSecurity web) throws Exception {
        web
                .ignoring()
                .antMatchers("/html/**")
                .antMatchers("/picture/**")
                .antMatchers("/front/**")
                .antMatchers("/common/**")
                .antMatchers("/error")
                .antMatchers("/swagger-ui.html")
                .antMatchers("/doc.html","/webjars/**","/v2/**","/swagger-resources/**");
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {

       WeiAuthenticaitonFilter weiAuthenticaitonFilter = new WeiAuthenticaitonFilter();
        weiAuthenticaitonFilter.setAuthenticationFailureHandler(weiAuthenticationFailureHandler);
        weiAuthenticaitonFilter.setAuthenticationSuccessHandler(weiAuthenticationSuccessHandler);

        http
                .csrf()
                .disable()
                //.authenticationProvider(daoAuthenticationProvider)
                .authorizeRequests()
                .withObjectPostProcessor(new ObjectPostProcessor<FilterSecurityInterceptor>() {
                    @Override
                    public <O extends FilterSecurityInterceptor> O postProcess(O o) {
                        o.setAccessDecisionManager(customDesicionManger);
                        o.setSecurityMetadataSource(customFilterInvocationSecurityMetadataSource);
                        return o;
                    }
                })
//                .antMatchers("/unAuthenticated","/error","/error1","/admin/loginFail","/upload","/admin/incorrectCap").permitAll()
//                .anyRequest().hasAuthority("ADMIN")
                .and()
                .exceptionHandling()
                .accessDeniedHandler(myAccessDeniedHandler)
                .authenticationEntryPoint(myAuthenticationEntryPoint)
                .and()
                //后台系统authentication filter
                .formLogin()
                .loginProcessingUrl("/adminLogin")
                .successHandler(myAuthenticationSuccessHandler)
                .failureHandler(myAuthenticationFailureHandler)
               // .failureUrl("/admin/loginFail?error")
              // .defaultSuccessUrl("/admin/loginSuccess")
                .and()
                .logout()
                    .logoutUrl("/logout")
                    .logoutSuccessHandler(myLogoutSuccessHandler)
                    .permitAll()
                .and()
//                .addFilterBefore(new CORSFilter(), UsernamePasswordAuthenticationFilter.class)
//                .permitAll().and()
                .addFilterBefore(weiAuthenticaitonFilter, UsernamePasswordAuthenticationFilter.class);
                  //对adminLogin进行腾讯验证码验证
//                .addFilterBefore(adminCaptcharFilter, UsernamePasswordAuthenticationFilter.class);
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.authenticationProvider(myAuthenticationProvider);

    }




}
